Creating Op Resilience in the Brave New Virtualized & Cloud World

This presentation will take the audience through a trip back into the past world of Business Continuity and Disaster Recovery when “IT” was “DP” and the concepts of data protection were in their infancy. We will move into the current state with a look toward the future utilizing the “Cloud” to create virtual DR. How does an enterprise know when and if that is right for them to cross that Chasm?

In December, the Business Continuity Institute (BCI) publishes its latest research project, The Emergency Communications Report. The annual report surveyed over 600 industry professionals, reviewing emergency communications and security incident response plans for organizations around the world. This year’s findings revealed that global businesses are increasingly aware that true business resiliency is a company-wide initiative that involves taking accountability for the safety of all staff—whether they are located in the office, at home or on the road. Respondents indicated that a diversity of departments, including business continuity, IT, security, facilities, HR and more had a stake in the management, planning and enforcement of their organization’s emergency communications plans, but that an opportunity exists to optimize these processes to account for a global, mobile workforce, as well as the increased complexity and frequency of critical events and physical security incidents.

Join Owen Miles, Managing Consultant from Everbridge, and Patrick Alcantara DBCI, Senior Research Associate at the BCI and the author of the report, for an engaging webinar that will discuss the research findings and share additional best practices for critical communications.

In this session, Nick Wildgoose Global Supply Chain Product Leader and Tim Astley Regional Practice Leader Strategic Risk & Business Resilience will summarise the key points from the latest BCI Supply Chain Resilience Survey and talk about a number of key actions that can be taken improve the risk picture. These will include:

- How do you approach getting Executive support for a supply chain risk program
- The importance of having a comprehensive approach to supply chain risk management
- The increasing role of technology and big data in understanding supply chain risk

There has always been change in our profession. We originally started by implementing disaster recovery programmes. Soon after that, the businesses realized that the people aspect of recovery was needed as well. The results were the beginning of business continuity programmes. DR and BC have worked together almost two decades now with great success. We are now at a major transformation point again. Business continuity is now sharing more information and interacting more with security and compliance groups.

This session will go over what most of us already have in place, what we will need to add, and how all three groups interface together to provide a new resilience program for your environment. The goal of this session is to show the interactions between risk management, business continuity, security and compliance that form the components of a resilience programme.

Business continuity can be a high pressured role at times, with many decisions having to be made under that pressure. It is important to be able to manage it effectively and so ensure the right decision is taken, whatever the circumstances. In this webinar, Paul Breed MCBI presents a decision making model which includes:

Information - (Fact, Assumption, Gaps - urgency)
Threat and Risk Assessment - based on Identity, Capability, Intention
Development of a Working Strategy - that dovetails the Threat and Risk Assessment
Options - ideally from a predetermined tactical menu that reduces time critical decision making
Action - based on the agreed option together with contingencies
Review - constantly review the decision especially when new information comes to light

The frequency of cyber-attacks continues to increase at an unparalleled pace. By attacking the most vulnerable value chains of organizations, they result in information confidentiality & integrity breaches, discontinuity of business activities and huge damages. Once considered predominantly as a technological issue, the risks related to the information systems are now evaluated within the Enterprise Risk Management scope. On the other hand, traditionally, Business Continuity Management (BCM) is mostly treated as a domain separate from Information System Security Management (ISSM). With the rapid explosion of cyber threats, the alignment between BCM and ISSM is now becoming a must, in order to provide management with a holistic view and enabling them to implement organizations where the teams closely interact with each other.

It goes without saying that the organizational part of security and BCM is the key for a successful implementation, yet the information system (IS) part needs to also be addressed in an efficient way. Various standards and frameworks exist to help organizations implementing a BCM, but they lack a strong link with the governance, architecture and security of the IS. In this webinar we will introduce very briefly an innovative approach and describe the first steps for the linkage between the two worlds, enabling an efficient implementation of BC based on an architectured and secured IS.

This webinar will present the benefits of aligning to the ISO 22301 standard and of the certification to the Standard for an organization as well as the benefits for individuals to be knowledgeable on the ISO 22301. It will also present the training course offered by the BCI to improve knowledge of this Standard and a staged approach to certification with the self-assessment tool. The training and tool were developed by ICOR, the International Consortium for Organizational Resilience.

Marie-Hélène Primeau is a BCI instructor and teaches the ISO 22301 Lead Auditor Course. Her organization, Premier Continuum, has also integrated ICOR ISO 22301 Self-Assessment Tool in its BCM Software ParaSolution and distributes it under license.

Patrick Roberts is a Director of Cambridge Risk Solutions Ltd and has been an MBCI since 2007. In this webinar he looks back at some of his CPD activities over the last ten years, ranging from courses and conferences to books and journals. Although CPD within the BCI is now much more structured, and many more courses are available; he argues that some of the avenues that he has pursued may still be of value to future generations of business continuity practitioners.

Increasing business continuity awareness often focuses on posters and newsletter campaigns, and ensuring that staff know where the policy and plans are kept. However, ISO 22301 requires that awareness includes staff understanding ‘their contribution to the effectiveness of the BCMS’, not just the plan. This presentation will consider a broader approach to awareness within an organisation, considering approaches to make all aspects of a BCMS second nature, and an integral part of business as usual.

Effective organizational resilience depends upon the ability of senior management teams to predict and therefore adapt to rapidly changing external threats. The lead time once enjoyed by decision makers to analyse and respond is ever decreasing. Traditional planning methods, do not allow leaders to anticipate global challenges as they generally focus inwards and rely on historical data.

The presentation provides some basic advice on how you could use horizon scanning methodology to help predict future risks to your organization.

Exercising is vital in order to keep your continuity plan and staff up-to date.
We will talk more about why it is important to exercise and what the useful prerequisite are to exercise.
There are several types of exercises and I will high light some of them and how to conduct an exercise.

The 2016 BCI Horizon Scan, supported by important studies such as the 2016 Allianz Risk Barometer, the World Economic Forum Global Risks Report and the BCI Supply Chain Resilience Report paint a picture of increasing and ever evolving threats to our organizations and the world we live in.

This webinar explores those threats and trends and provides conclusions and key takeaways that shape how we all, as business continuity professionals, need to adjust our focus and initiatives to prepare and respond to the evolving environment we all live in.

Join Brian Zawada and 20/20 white paper Author John Jackson for a compelling look at how our roles will change in the years ahead.

The results of the 2016 Cyber Resilience Survey confirm much of what we already suspected about the changing nature of the cyber threat and the way that cyber criminals have found new ways past corporate perimeter security. The increased difficulty of breaching perimeter security and the increased human resources available to cyber criminals has combined to produce a new point of attack. This is focused on the weakest link in the corporate security chain, which is now human beings rather than technology. The research shows clearly that phishing and social engineering is now the single top cause of cyber disruption, with over 60% of companies reporting being hit by such an incident over the past 12 months.

In this webinar, we will be looking at some of the findings from the study, and discussing what actions organizations can take to help improve their cyber resilience.

Most businesses have near zero tolerance for service outages and disruptions, regardless of the cause. How do Business Continuity professionals demonstrate a positive ROI for applications while meeting always-on expectations? In an operationally always-on world, business communications must be real-time with rapid response to outages to keep your business running. To achieve this level of Operational Resiliency, you must implement automated communications that eliminate breakdown during a crisis event or disruption. Join this webinar to learn about the latest technologies that you can use today to automate communications for real-time incident and crisis management, regardless of the channel. Are you ready to respond to your next disruption?

There are crises and then there are reputation train wrecks. In the former, your organisation is thrown into a period of chaos that may last days, weeks or months. Stakes and costs are high, but by quickly demonstrating ownership, integrity, genuine stakeholder concern and swift action, your chance of recovering and even enhancing your organisation’s reputation is strong. Think Johnson and Johnson’s Tylenol crisis.

In the latter on the other hand, slow response, lack of responsibility, blame and insensitivity to stakeholders’ perceptions will quickly propel your organisation into a reputation train wreck that may damage and possibly destroy it forever. Think BP, Volkswagen and FIFA.

Indeed bad management and communication can turn a crisis into a reputation train wreck and only principled-based organisations with effective crisis leadership and preparedness can weather the storm and even emerge from it stronger. In this webinar, you will:

- Gain some fundamental best practice insight on how prepare for crises and prevent a reputation train wreck
- Learn real-world response strategies to protect your credibility and retain stakeholder trust even in the most adverse circumstances

Due to the recent economic climate, never before have we witnessed the current level of pressure on businesses to protect customers, employees and the business, covering all sides of the organization to make it more resilient. In general, the motivational factor for preventing loss of business assets and ability to operate is financial, and requires that you improve your business not just protect it.

Many companies struggle and over spend because they decide to throw money and resources at the problem and treat each area of the business as a silo. By taking this approach, the opportunity for an incident is very high and usually does happen. The opportunity for organizations is to recognize a single integrated approach that will address all areas.

Your BCMS investment should not be a standalone document or simply a cost to your operations. Instead, a strong BCMS supports business operational value.

You can show an immediate ROI when resiliency and reliability are weaved throughout the design of a system or process instead of adding a business continuity plan as solely a disaster element. In this webinar, John DiMaria AMBCI will discuss multipurpose solutions that increase both reliability and functionality that not only protect your business but improve it.

The theme for Business Continuity Awareness Week 2016 is return on investment, a theme design to highlight the value of business continuity. During the week, Business Continuity Institute will be publishing a new paper highlighting what some of those returns are. These are returns that go beyond the obvious benefit of BC when disaster occurs, but rather they are returns that do not require the activation of the BC plan. Join Patrick Alcantara DBCI and Andrew Scott CBCI as they present some of the findings from this research.

Predictions show that there will be almost 21 billion connected devices by the end of 2020. The need to deliver 24/7 access to data and applications has never been more critical. Companies want to ensure business continuity and thus cope with the new demands of their customers and employees to remain competitive today. Organizations must innovate by quickly providing IT services for their teams, enhancing security and control, reducing operating costs and increasing flexibility. To meet these parameters, companies are implementing highly virtualized modern data centers by investing in modern technologies such as virtualization, storage and the Cloud.

The Business Continuity Institute (BCI) was established in 1994 to enable individual members to obtain guidance and support from fellow business continuity practitioners. The BCI currently has over 7,000 members in more than 100 countries.